NIAP: NIAP CCEVS Announcements
NIAP/CCEVS
  NIAP  »»  Announcements  »»  NIAP Announcements  
NIAP Announcements

  NIAP endorses and publishes the collaborative Protection Profile for Dedicated Security Component, Version 1.0 (16 September 2020)

NIAP has endorsed the collaborative Protection Profile (cPP) for Dedicated Security Component (DSC), Version 1.0 and published the cPP and Supporting Document to the NIAP-Approved PP List. This endorsement is a formal statement that products successfully evaluated against the DSC cPP that demonstrate exact conformance to the cPP, and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List (PCL).

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1241

  NIAP Progress Report - First and Second Quarter 2020 (28 August 2020)

See the NIAP First and Second Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases. Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1240

  NIAP endorses and publishes the collaborative Protection Profile Module for Stateful Traffic Filter Firewalls, Version 1.4e (01 July 2020)

NIAP has endorsed the collaborative Protection Profile Module for Stateful Traffic Filter Firewalls, Version 1.4e and published the cPP-Module and Supporting Documents to the NIAP-Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the PP-Configuration for Network Device and Stateful Traffic Filter Firewalls, Version 1.4e, dated 25 June 2020 and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List. This PP-Module replaces the collaborative Protection Profile for Stateful Traffic Filter Firewalls Version 1.3 which will sunset 27 September 2020 in conjunction with its Base-PP's ( NDcPP Version 2.1) sunset date.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1238

  NIAP publishes the Protection Profile Module for VPN Gateways, Version 1.1 (01 July 2020)

NIAP has published the Protection Profile Module for VPN Gateways, Version 1.1, its Supporting Document, and PP-Configuration to the NIAP-Approved PP List.  Products may now be evaluated against the PP-Configuration for Network Device and Virtual Private Network (VPN) Gateways, Version 1.1, dated 01 July 2020. Changes were limited to updates to align with NDcPP 2.2e and incorporating all applicable Technical Decisions. This PP-Module replaces the PP-Module for VPN Gateways Version 1.0 which will sunset 27 September 2020 in conjunction with its Base-PP's ( NDcPP Version 2.1) sunset date.

 

Also, the Network Device international Technical Community (iTC) has added the PP-Module for VPN Gateways, V1.1 to the allowed-list for the PP-Module for Stateful Traffic Filter Firewalls, V1.4e.  Therefore, NIAP has published the PP-Configuration for Network Devices, Stateful Traffic Filter Firewalls, and Virtual Private Network (VPN) Gateways, Version 1.1, dated 01 July 2020 to the NIAP-Approved PP List.  Products may now be evaluated against this PP-Configuration which includes the following components:

 

·        collaborative Protection Profile for Network Devices, Version 2.1 (CPP_ND_V2.2e)

 

·        PP-Module for Stateful Traffic Filter Firewalls, Version 1.4 + Errata 20200625 (MOD_CPP_FW_V1.4e)

 

·        PP-Module for Virtual Private Network (VPN) Gateways, Version 1.1 (MOD_VPNGW_V1.1)

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1239

  DHS/NIAP Pilot for Automating Mobile App Requirements Testing (29 June 2020)

Ensuring the security of mobile application (app) software for use within the federal government no longer needs to be time consuming or expensive.  Under a joint pilot program, the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) and National Information Assurance Partnership (NIAP) have demonstrated that the process can be automated.

The pilot testing report, titled Automating National Information Assurance Partnership Requirements Testing for Mobile Apps, demonstrates that automated testing tools and methodologies are reliable and efficient. It behooves stakeholders from both the federal government and industry to continue developing them to address the increasing scale and complexity of certifying mobile apps.

 

Check out the full report here!

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1237

Previous Announcements

  NIAP Resumes Operations (18 May 2020)

Effective 18 May 2020, the NIAP office will resume operations. Thank you for your patience and understanding as this occurs.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1236

  NIAP Endorses NDcPP v2.2e (27 March 2020)

 

NIAP has endorsed the Network Device collaborative Protection Profile v2.2e (NDcPP v2.2e) and published the cPP and Supporting Document to the NIAP-Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the NDcPP v2.2e that demonstrate exact conformance to the cPP, and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List. This version succeeds Version 2.1 which will sunset effective 27 September 2020.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1232

  NIAP 2019 Report (27 March 2020)

See the 2019 NIAP Annual Report to learn about NIAP 2019 accomplishments and activities.  Read the report here.

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1233

  PP-Configuration for Network Devices, Stateful Traffic Filter Firewalls, and Virtual Private Network (VPN) Gateways, Version 1.0 (06 March 2020)

The Network Device international Technical Community (iTC) has has added the PP-Module for VPN Gateways, V1.0 to the allowed-list for the PP-Module for Stateful Traffic Filter Firewalls, V1.3.  Therefore, NIAP has published the PP-Configuration for Network Devices, Stateful Traffic Filter Firewalls, and Virtual Private Network (VPN) Gateways, Version 1.0, dated 06 March 2020 to the NIAP-Approved PP List.  Products may now be evaluated against this PP-Configuration which includes the following components:

·        collaborative Protection Profile for Network Devices, Version 2.1 (CPP_ND_V2.1)

·        PP-Module for Stateful Traffic Filter Firewalls, Version 1.3 (MOD_CPP_FW_V1.3)

·        PP-Module for Virtual Private Network (VPN) Gateways, Version 1.0 (MOD_VPNGW_V1.0)

 

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1231

  Call for Participants in Development of a Protection Profile for SOAR Platforms (30 January 2020)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) in collaboration with Johns Hopkins University Applied Physics Laboratory (JHU/APL), on behalf of the Integrated Adaptive Cyber Defense (IACD) Initiative, is pleased to invite interested parties to be part of a Technical Community (TC) for the development of a Protection Profile for Security Orchestration, Automation, and Response (SOAR) Platforms. Members of this TC are expected to provide technical input to the development of a Protection Profile for a baseline set of Security Functional Requirements (SFRs) for products that implement SOAR Platform technologies.

A kick-off meeting will be held at JHU/APL on Monday, February 10th.  All interested parties should contact JHU/APL at PPforSOARApplications@jhuapl.edu, providing the information listed below for each potential participant: 

 • Name 
 • Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)  
 • Telephone number 
 • Email address 
 • A brief statement of the qualifications for participation in the TC

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1230

  Call for Participants for General Purpose Computing Platform (GPCP) Technical Community (13 January 2020)

Hello,

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the development of a Protection Profile for General Purpose Computing Platform (GPCP). Members of this TC are expected to provide technical input to the development of a Protection Profile for a baseline set of Security Functional Requirements (SFRs) for products that implement GPCP.

All interested parties should contact NIAP/CCEVS at tc-gpcp-staff@niap-ccevs.org, providing the information listed below for each potential participant:

   • Name

   • Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other) 

   • Telephone number

   • Email address

   • A brief statement of the qualifications for participation in the TC

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1229

  PP-Configuration for Application Software and Virtual Private Network (VPN) Clients, Version 1.0 Removed (17 December 2019)

 

NIAP is no longer accepting evaluations against the PP-Configuration for Application Software and Virtual Private Network (VPN) Clients, Version 1.0, 04 September 2019. The intent for standalone VPN Client applications (those which are not bundled as part of an OS or Mobile Device) is that they implement their own cryptography. There are numerous inconsistencies within the PP-Module related to standalone VPN client applications that need to be addressed. NIAP will engage with the TC to determine the modifications needed to properly accommodate standalone VPN applications.

 

 

 

All parties interested in joining the TC should contact NIAP/CCEVS at TC-VPNClient-Staff@niap-ccevs.org, providing the information listed below for each potential participant:

 

    Name

 

    Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)

 

    Telephone number

 

    Email address

 

    A brief statement of the qualifications for participation in the TC

 

 

 

Please note: If you are already a member of this Technical Community, there is no need to re-apply.

 

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1228

  NIAP Policy #5 amd Policy #5 Frequently Asked Questions Updated (06 December 2019)

NIAP CCEVS Policy #5: "Applicability and Relationship of NIST Cryptographic Algorithm Validation Program (CAVP) and Cryptographic Module Validation Program (CMVP) to NIAP's Common Criteria Evaluation and Validation Scheme (CCEVS)" and "Frequently Asked Questions for NIAP Policy #5" have been updated and published to the NIAP website. An updated CAVP Mapping Document will be forthcoming.  Policy #5, Policy #5 FAQ, and the CAVP mapping document provide clarification and guidance of how NIST's  algorithm and module validations are determined to be acceptable evidence for meeting some PP/cPP assurance activities.

The documents can be  found here:  https://www.niap-ccevs.org/Documents_and_Guidance/policy.cfm

If you have any questions or concerns, please contact us at 410-854-4458 or by email niap@niap-ccevs.org.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1227

  NIAP publishes the Protection Profile Module for VPN Gateways, Version 1.0 (22 November 2019)

NIAP has published the Protection Profile Module for VPN Gateways, Version 1.0, its Supporting Document, and PP-Configuration to the NIAP-Approved PP List.  Products may now be evaluated against the PP-Configuration for Network Device and Virtual Private Network (VPN) Gateways, Version 1.0, dated 22 November 2019. Changes were limited to converting the VPN Gateway Extended Package to PP-Module format for use with NDcPP 2.1 and incorporating all applicable Technical Decisions. Therefore, the Extended Package for VPN Gateways Version 2.1 will sunset on 31 December 2019.

In addition, NIAP is developing the necessary iTC required documentation to request the VPNGW PP-Module be added to the allowed-list for the FW PP-Module. Once approved, a PP-Configuration will be published and another announcement will be sent.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1226

  NIAP Progress Report - Third Quarter 2019 (20 November 2019)

See the NIAP Third Quarter Progress Report   to learn about recent NIAP accomplishments and activities, and upcoming releases.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1225

  NIAP endorses and publishes the collaborative Protection Profile Module for Stateful Traffic Filter Firewalls, Version 1.3 (23 October 2019)

NIAP has endorsed the collaborative Protection Profile Module for Stateful Traffic Filter Firewalls, Version 1.3 and published the cPP-Module and Supporting Documents to the NIAP-Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the PP-Configuration for Network Device and Stateful Traffic Filter Firewalls, Version 1.3, dated 27 September 2019 and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List. This PP-Module replaces the collaborative Protection Profile for Stateful Traffic Filter Firewalls Version 2.0 + Errata 20180314. Changes were limited to converting the cPP to PP-Module format and incorporting all applicable Technical Decisions. Given the minimal changes,  Version 2.0E will sunset on 31 December 2019.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1224
Site Map              Contact Us              Home